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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

LISTING OF CLAIMS: 

Claims 1-8 (Canceled) 

9. (New) A method for authenticating users to individual network devices that are 
distributed among a plurality of locations, comprising the following steps: 

storing a directory structure at one of said locations, said directory structure comprising 
a root node, a first level of nodes below said root node that are associated with respective 
organizations to which said network devices are assigned, and at least one further level of nodes 
below said first level that identify users who are authorized to access the network devices 
assigned to the organization associated with a parent first-level node and authentication 
information for said users; 

replicating said directory structure among said plurality of locations; 

in response to a request by a user for access to one of said network devices, 
determining which organization to which said one device is assigned and whether said user is 
identified on a node below the first-level node associated with the determined organization; and 

authenticating said user to said device if the user is so identified. 

10. (New) The method of claim 9, wherein said directory structure further includes 
nodes below said first level that identify resources of an associated organization to which 
authenticated users are allowed access. 
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11. (New) The method of claim 9, wherein said determining step is performed with 
reference to a replicated copy of said directory structure at the location containing said one 
device. 

12. (New) The method of claim 9 wherein said network devices comprise servers, 
and said locations are data centers. 

13. (New) The method of claim 9, wherein at least some of said locations contain at 
least two replicated copies of said directory structure, and further including the steps of 
distributing access requests among said replicated copies by means of a load balancer. 

14. (New) The method of claim 9, wherein the same user identification and 
authentication information is contained at a plurality of said further level nodes that are 
respectively associated with different ones of said first-level nodes. 

15. (New) The method of claim 9, wherein said replicating step is carried out 
automatically without user input. 

16. (New) A data center comprising a plurality of network resources and a 
directory server for authenticating users for access to said network resources by means of a 
directory structure comprising a root node, a first level of nodes below said root node that are 
associated with respective organizations to which said network resources are assigned, and at 
least one further level of nodes below said first level that identify users who are authorized to 
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access the network resources assigned to the organization associated with a parent first-level 
node and authentication information for said users. 

17. (New) The data center of claim 16, wherein said directory structure further 
includes nodes below said first level that identify resources of an associated organization to 
which authenticated users are allowed access. 

18. (New) The data center of claim 16, wherein the same user identification and 
authentication information is contained at a plurality of said further level nodes that are 
respectively associated with different ones of said first-level nodes. 

19. (New) The data center of claim 16, comprising at least two of said directory 
servers, and further including a load balancer that distributes requests for access to said 
resources among said directory servers. 

20. (New) The data center of claim 16, wherein at least some of network resources 
are servers that each include an authentication module that is responsive to a request for access 
to determine the organization to which its corresponding server is assigned and restrict 
directory searches to the further-level nodes below the first-level node associated with the 
determined organization. 

21. (New) A distributed network having network resources distributed among a 
plurality of locations, and comprising: 
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a master directory server at one of said locations, said master directory server 
containing a directory structure comprising a root node, a first level of nodes below said root 
node that are associated with respective organizations to which said network resources are 
assigned, and at least one further level of nodes below said first level that identify users who 
are authorized to access the network resources assigned to the organization associated with a 
parent first-level node and authentication information for said users; and 

at least one directory server at each of the other locations, each of said directory servers 
containing a replicated copy of said directory structure. 

22. (New) The distributed network of claim 21, wherein said directory structure 
further includes nodes below said first level that identify resources of an associated organization 
to which authenticated users are allowed access. 

23. (New) The distributed network of claim 21, wherein the same user 
identification and authentication information is contained at a plurality of said further level 
nodes that are respectively associated with different ones of said first- level nodes. 

24. (New) The distributed network of claim 21, wherein at least some of said 
locations contain at least two directory servers, and further including a load balancer that 
distributes requests for access to said resources among said directory servers. 

25. (New) The distributed network of claim 21, wherein at least some of network 
resources are servers that each include an authentication module that is responsive to a request 
for access to determine the organization to which its corresponding server is assigned and 
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restrict directory searches to the further-level nodes below the first-level node associated with 
the determined organization. 



